Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


point to point tunnel

Posted on 2008-06-10
Medium Priority
Last Modified: 2010-04-12
I have connect a remote office in a different state to the main office. The main office currently has a Sonicwall TZ170 for it's firewall. The remote office doesn't have anything yet. What would be the best solution for this? I would like for the remote site to work of the main office servers just like it's in the same building. Would the best solution be for  purchasing a T1 line tunnel from A to B or would any internet work and just use the hardware? I've never set up one before so any help including white pages would be appreciated.
Question by:cnmgt
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 28

Expert Comment

ID: 21758195
There are several approaches you can take to this.  One would be a dedicated T1 from site to site. This is fairly effective and costs are "reasonable"  If you don't have huge data needs you could look into using local DSL or Cable connectivity to get to the Internet and establish a VPN.  The downside to this is dealing with local phone or cable companies. Depending on your internal set up you might be able to run a T1 connection without having to have a VPN in place as it's a dedicated line. You don't have to use hardware-based VPN connectivity as Windows and Mac have it built-in, but I find that using Cisco hardware devices at each end makes for an always on VPN connection that in effect puts your remote office on your local office and is very stable.

If you have bigger data needs you might also look into a multi-MB WAN connection if your provider can supply one.  We use such a connection from TWTC between sites and it works very well.  You might also look into the WAN connection instead of the T1 just in terms of pricing.  Sometimes these newer connections are less expensive than the older T1 technology.

We have 20-30 sites that are remote to our main location and we have used both the WAN connection (replaced T1) and DSL/Cable connections.  We use WAN for larger sites and DSL/Cable for smaller ones.  WAN connections come right into switches at our site and run as a separate IP segment...this is a direct connect for us and no VPN needed...it's an extension of our primary network.  All smaller sites use the cisco hardware to hardware VPN setup and unless the phone/cable company has an issue it works really well.

Author Comment

ID: 21758986
Do know of any links for a detail WAN setup? Our problem is the Cali office connects to the main office in Colorado using a web interface. We have a Sonicwall SSL device. Once they establish the connection then the click the link for the terminal server. It runs slow and they are kicked off constantly. I think it might be running slow because the company uses a NAS device using sata drives for file sharing. I don't think NAS is designed for constant network use.
LVL 28

Accepted Solution

jhyiesla earned 2000 total points
ID: 21759059
Not really. It depends on what your end points look like in terms of terminating equipment and what features your Provider offers. Your provider should be able to advise you on what you need to complete the connection based on your network topology.  For example, we use WAN links for both Internet access for our entire company and for connection of our larger sites to our main network. The lines from the Vendors perspective are different because of what we are trying to accomplish with each. They both terminate at our facility through our edge router to a Cisco switch. However, the Internet connection goes directly to our firewall and then on to the network and the other link goes to a BGP router and then on to our main switch.

If you decide to go with the high speed WAN link, make sure your provider works with you and understands your topology completely and gives you help in configuring your endpoint equipment. We didn't do as good a job as we should have with this and ended up doing a lot of work after the fact which delayed the bring up of the links and extended the initial troubleshooting that we had to do.

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question